Vulnerability Scanning

Information Security and Policy (ISP) offers both campus-wide and departmental vulnerability scanning.

  • Campus-wide: ISP continuously scans the campus network for security vulnerabilities on connected devices. We use a number of scanners using Tenable Nessus, along with Tenable's Professional Feed of network vulnerability "plugins", to detect systems which may be vulnerable to attack. When detected, high-risk vulnerabilities are reported to designated security contacts for investigation and remediation. Vulnerabilities may include:
    • Missing patches and updates;
    • Misconfigurations allowing unintentional data exposure;
    • Weak and default system passwords;
    • Unsupported operating systems and software;
    • Insecure and unecessary network services.
  • Departmental: In addition to our campus-wide network vulnerability scanning service, ISP offers the use of our scanning tools to campus departmental IT staff for proactive discovery of vulnerabilities on the systems they support. We offer local departmental IT staff:
    • An account on our Nessus server and access to a web UI to configure and launch scans;
    • Access to perform custom, on-demand scans of your department's network devices; and,
    • A regularly scheduled full vulnerability scan with results sent as an encrypted ZIP via email.

Service details

Service category

Quick Links

Report an IT security incident   Check System Status   Search the Knowledge Base

Contact

Eligibility

  • Faculty
  • Staff